possible so that we can provide in most situations the absolute
pathname in the AUX vector so that $ORIGIN works. The following
are implementation issues:
1. deep path execs still don't work (can't provide path to the AUX vector)
2. the returned path is not normalized (cosmetic)
to init_sysctl_base (only base kernel defs). Main motivation was to
fix sysconf(_SC_NPROCESSORS) for Rumprun. As reported by neeraj on irc,
it returned -1 before this fix, so we were doing imaginary computing.
output to drain to five seconds so that exiting processes with
buffered output for a serial port blocked by flow control or a pty
that is not being read do not hang indefinitely. Should fix PRs
kern/12534 and kern/17171. This is an updated version of the change
of tty.c 1.263.
the journal into a function. Make that function work correctly with
sector sizes != DEV_BSIZE when compiled outside the kernel (i.e.
fsck_ffs).
Fixes PR bin/45933
- move the P_PAX_ flags out of #ifdef PAX_ASLR in pax.h
- add a generic pax_flags_active() function
- fix a comment in exec_elf.c; interp is not static
- KNF for return
- rename pax_aslr() to pax_aslr_mmap()
- rename pax_segvguard_cb() to pax_segvguard_cleanup_cb()
2. honor O_CLOEXEC, so the children of daemons that use cloning devices don't
end up with the parent's descriptors
fd_clone and in general the fd approach of 'allocate' > 'play with guts' >
'attach' should be converted to be more constructor like.
XXX: pullup-{6,7}
VFS_SYNC does not consider whether we are performing a force unmount or not,
and therefore it can wait for a while if the filesystem is misbehaving.
Removing VFS_SYNC before VFS_UNMOUNT on forced unmount fixes the problem.
This should not cause harm as the VFS_SYNC seems just useless.
As noted by Chuck Silvers in
http://mail-index.netbsd.org/tech-kern/2015/07/13/msg019156.html
- Nothing seems to prevent vnodes from getting dirty again after VFS_SYNC call.
- Filesystems do flush data through vflush() in VFS_UNMOUNT anyway.
As a consequence, the VFS_SYNC call in do_unmount() could probably be
completely removed. But since such a change is quite dangerous, we just
remove it in the case of forced unmounts, which are situations where
the risk of data loss is known to the operator.
- don't confuse between ELF flags and proc flags. Introduce the proc-
specific P_PAX_ASLR, P_PAX_MPROTECT and P_PAX_GUARD flags.
- introduce pax_setup_elf_flags(), which takes as argument the PaX flag
of the ELF PaX note section, and which sets the proc flag as
appropriate. Also introduce a couple of other functions used for that
purpose.
- modify pax_aslr_active(), and all the other similar pieces of code, so
that it checks the proc flag directly, without extra ELF computation
In addition to making PaX clearer, the combination of these changes fixes
the following bug: if a non-PaX'ed process is launched, and then someone
sets security.pax.{aslr,mprotect,segvguard}.global=1, the process becomes
PaX'ed while its address space hasn't been randomized, which is not likely
to be a good idea.
Now, only the proc flag is checked at runtime, which means the process's
PaX status won't be altered during the execution.
Also:
- declare PAX_DPRINTF, makes it more readable
- fix a typo in exec_elf.h
- merge uvm_kmguard.{c,h} into subr_kmem.c. It is only used there, and
makes it more consistent. Also, it allows us to enable KMEM_GUARD
without enabling DEBUG.
- rename uvm_kmguard_XXX to kmem_guard_XXX, for consistency
- improve kmem_guard_alloc() so that it supports allocations bigger than
PAGE_SIZE
- remove the canary value, and use directly the kmem header as underflow
pattern.
- fix some comments
(The UAF fifo is disabled for the moment; we actually need to register
the va and its size, and add a weight support not to consume too much
memory.)
output to drain to five seconds so that exiting processes with
buffered output for a serial port blocked by flow control do not
hang indefinitely. Should fix PR kern/12534. OK christos.
clean up after ourselves. Mostly, this checks to make sure that
there are no active items, and then deallocates wired kernel virtual
memory. For SYSVSEM, we also disestablish the exithook() so we
won't try to call it after destroying its memory pool!
For monolithic kernels, both modules will be compiled as "built-ins",
while modular environments will be able to load the SYSVSEM, SYSVSHM,
and SYSVMSG code independent from the rest of compat.
This is a necessary precursor step to making the "STD" SYSV* code
into a separate module.
Tested in both monolithic and modular environments with no errors
seen.
- move the syncer into kern/vfs_subr.c.
- change the syncer to process the mountlist and VFS_SYNC as appropriate.
- use an API for mount points similar to the API for vnodes:
  - vfs_syncer_add_to_worklist(struct mount *mp) to add
  - vfs_syncer_remove_from_worklist(struct mount *mp) to remove a mount.
No objections on tech-kern@